POSReady 2009 updates ported to Windows XP SP3 ENU

[glnz]

Mathwiz - many thanks for your concern.  You are certainly right, and I did not click anything in the email.  I closed the email, made my own way to paypal.com and started poking around. 

I'll look again tonight from my Win 10 machine because on my XP machine occasionally an icon pops up of Stalin and Mao sipping tea together.

Edited June 12, 2018 by glnz

[glnz]

By the way, at the start of the "Properties" of the paypal email, I see this (and I have [deleted] some stuff which might be me):

Quote

Return-Path: <bounce@mail.paypal.com>
Received: from mta121b.pmx1.epsl1.com (mpq403.aol.prodcr.mail.gq1.yahoo.com [142.54.244.121])
    (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
    (No client certificate requested)
    by mtaig-mac03.mx.aol.com (Internet Inbound) with ESMTPS id [deleted]
    for <[my email]>; Fri,  8 Jun 2018 09:23:59 -0400 (EDT)
X-Apparently-To: [my email]; Fri, 08 Jun 2018 13:23:59 +0000
Received-SPF: pass (domain of mail.paypal.com designates 142.54.244.121 as permitted sender)
X-YMailISG: [deleted] --
X-Originating-IP: [142.54.244.121]
Authentication-Results: [deleted].aol.mail.gq1.yahoo.com  from=mail.paypal.com; domainkeys=neutral (no sig);  from=mail.paypal.com; dkim=pass (ok)
Received: from 127.0.0.1  (EHLO mta121b.pmx1.epsl1.com) (142.54.244.121)
  by [deleted].aol.mail.gq1.yahoo.com with SMTPS; Fri, 08 Jun 2018 13:23:59 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mail.paypal.com;

There's a lot more but would be too tiring to sanitize all of it.

Anything interesting in what I pasted above?

Edited June 12, 2018 by glnz

[wyxchari]

[glnz]

If I run new update for IE8 KB4230450 that appeared today in the MS Update Catalog, does it include the special update KB4316682 for adding TLS 1.2 that Harkaz is referring to a few posts above at < THIS LINK > ?

If your answer is "Yes,"  should I still also run the registry changes at Harkaz's post?

Thanks.
 

[dencorso]

On 6/12/2018 at 3:52 PM, glnz said:

If I run new update for IE8 KB4230450 that appeared today in the MS Update Catalog, does it include the special update KB4316682 for adding TLS 1.2 that Harkaz is referring to a few posts above at < THIS LINK > ?

What part of "cumulative" did you fail to understand?

On 6/12/2018 at 3:52 PM, glnz said:

If your answer is "Yes,"  should I still also run the registry changes at Harkaz's post?

Yes, again. But you may use the one below (more comprehensive) instead,

Windows Registry Editor Version 5.00
	
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.2]
	"OSVersion"=-
	
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO\TLS1.1]
	"OSVersion"=-
	
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
	"SecureProtocols"=dword:00000a80
	
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1]
	
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
	"Enabled"=dword:00000001
	
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server]
	"Enabled"=dword:00000001
	
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]
	
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
	"Enabled"=dword:00000001
	
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
	"Enabled"=dword:00000001

 Enjoy!

[Bersaglio]

Direct links to June 2018 updates: WES09/POSReady 2009 (3, En only), IE8 cumulative security update (En only) and Office 2007 compatibility pack SP3 international update.

http://download.windowsupdate.com/d/msdownload/update/software/secu/2018/06/windowsxp-kb4230467-x86-embedded-enu_69c28fc46349590c7c1241a5076f092e0c34df22.exe
http://download.windowsupdate.com/c/msdownload/update/software/secu/2018/05/windowsxp-kb4293928-x86-embedded-enu_a7875c9e80327caef6fb5dc416daae2af3f98252.exe
http://download.windowsupdate.com/d/msdownload/update/software/secu/2018/05/windowsxp-kb4294413-x86-embedded-enu_b211e66c425fcef8980fd16953483282cb4e6b14.exe

http://download.windowsupdate.com/c/msdownload/update/software/secu/2018/06/ie8-windowsxp-kb4230450-x86-embedded-enu_d8b388624d07b6804485d347be4f74a985d50be7.exe

http://download.microsoft.com/download/7/C/6/7C64A6B2-2D63-4EC0-8216-D8395072B2AD/xlconv2007-kb4022196-fullfile-x86-glb.exe

[SD73]

I ran my MU manually and got all the updates Bersaglio mentions except for the IE8 one which I needed to download and run manually.

[wyxchari]

7 hours ago, SD73 said:

I ran my MU manually and got all the updates Bersaglio mentions except for the IE8 one which I needed to download and run manually.

Yes, I always do it that way too. Only the cumulative update of IE8 manually and then I search with IE, because it is not always necessary to install them all and it depends on the particular system.

Edited June 13, 2018 by wyxchari

[SD73]

8 hours ago, wyxchari said:

Yes, I always do it that way too. Only the cumulative update of IE8 manually and then I search with IE, because it is not always necessary to install them all and it depends on the particular system.

Just to clarify, I ran the MU first through the unupdated IE8.  It found all the updates except the IE8 update, which after all the updates had installed I manually downloaded and ran myself.  My previous experience had been as you suggest.  First updating the IE8 and the other updates followed, but on a lark I decided to try running it as-is and got everything but that one. 

[glnz]

Some minor glitches - maybe because my XP has become something of an involuntary hybrid - like my old Erector Sets with gears and pulleys bolted on in all sorts of places that didn't work very well:

AFTER running heinoganda's Cert_Updater twice in the recent few days, but BEFORE running any of this week's updates , I see the following on my important duct-taped XP machine:

1.   This morning, I rebooted and I see these Errors in Event Viewer - Application:

   Quote

   Source: Userenv    Windows cannot load the locally stored profile. Possible causes of this error include insufficient security rights or a corrupt local profile. If this problem persists, contact your network administrator.

    DETAIL - Access is denied.
   ___________

   Windows has backed up this user's profile. Windows will automatically try to use the backed up profile the next time this user logs on.
   __________

   Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
   _________

   Windows cannot load the locally stored profile. Possible causes of this error include insufficient security rights or a corrupt local profile. If this problem persists, contact your network administrator.

    DETAIL - Access is denied.
   ________________

   Windows has backed up this user's profile. Windows will automatically try to use the backed up profile the next time this user logs on.
   ________________

   Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
   _____________

   Source: Ci   

   The IISADMIN service is not available, so virtual roots cannot be indexed.
   ______________

   [Various content scans can not be completed].

   FYI - the last two above re Ci I have had for a long time and have ignored.  But what about that Profile stuff?

2.   I rebooted because I had ordered a sfc /scanonce, and after the reboot and completion of the sfc /scanonce, Event Viewer shows me the following Errors:

   Quote

   Windows File Protection scan found that the system file c:\windows\system32\oleaut32.dll has a bad signature. This file was restored to the original version to maintain system stability.  The file version of the system file is 5.1.2600.7475.

   followed immediately by:

   Quote

   Windows File Protection scan found that the system file c:\windows\system32\oleaut32.dll has a bad signature. This file was restored to the original version to maintain system stability.  The file version of the system file is 5.1.2600.5512.

   I know that oleaut32.dll was discussed at length in the posts here after February 6, which I did not understand.  So I don't know what these Errors mean.  Maybe I should replace oleaut32.dll with the editorial page from today's NY Times or a piece of toast?

3. Some incoming emails in my Outlook Express 6 are giving me blank placeholders for graphics and some web sites are giving me some errors that feel like my updated certificates are not right.  Or maybe the web sources have old certificates that are now rejected by my PC because I ran Cert_Updater?

Separately, in XP Mode on my Win 7 machine (which is my test pit), I ran all this week's updates and the .reg for TLS 1.2 in IE and then ordered a sfc / scanonce and rebooted, and I got the same Event Viewer errors above for oleaut32.dll but in this case the sfc / scanonce progress bar also threw an error message about bad files and asked me to insert the original XP disk (which would take me years to find and I don't even know that XP Mode would "see" the DVD player anyway).

Before I run this week's updates on my important duct-taped XP machine (and before I run the TLS 1.2 .reg), what do you think - other than I deserve the Nobel Peace Prize for denuclearizing my bedroom?

Thanks.

Edited June 13, 2018 by glnz

[Dave-H]

Did you have @heinoganda's version of KB4134651 installed from last month, which kept the old oleaut32.dll instead of the buggy replacement?
It doesn't look as if that file was replaced this month, but maybe SFC is suddenly not liking it, although it seems OK here.

Edited June 13, 2018 by Dave-H
Addition

[Dave-H]

Is anyone else having trouble with KB4230467 apparently installing OK but then asking to be installed again, over and over?
It's happening on one of my machines but not the other, so I'm wondering if it's the oem problem again.

[glnz]

Dave-H -- From my important duct-taped machine:

1)  I just checked, and the version of oleaut32.dll that is still in C:\WINDOWS\system32 is 5.1.2600.7475 last modified April 13, 2008, so SFC apparently did not replace it with 5.1.2600.5512.  SFC might be a tad confused. 
(Is the last modification date of April 13, 2008 correct for version 5.1.2600.7475 ?)

2)  I wasn't sure whether I ran WindowsXP-KB4134651-x86-ENU_oleaut32dll.exe (which I had already downloaded and has last modified date of May 9, 2018), so I just now checked Belarc, and it says, "X  KB4134651 on 5/10/2018 (details...) Reinstall!"

So - what do you think?

[liamZ]

43 minutes ago, glnz said:

FYI - the last two above re Ci I have had for a long time and have ignored.  But what about that Profile stuff?

 

Hi, I think I had this problem years ago and it was caused by wrong permissions for the registry hives.

Check permissions for the files:

C:\Documents and Settings\YourUser\ntuser.dat

C:\Documents and Settings\YourUser\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

They have to be inherited from C:\Documents and Settings\User\ (Full Control to User, System and Administrators)

Edited June 13, 2018 by liamZ

[heinoganda]

Off Topic:

1 hour ago, glnz said:

AFTER running heinoganda's Cert_Updater twice in the recent few days, but BEFORE running any of this week's updates

Am I the culprit again, where the blame is, on your ailing system?  There are alternatives where you get the current root certificates and no longer need to use "heinoganda's Cert_Updater". Furthermore, you can uninstall the modified KB4134651, if you think that you have problems with it.

 

Edited June 13, 2018 by heinoganda